Commit 47bcad97 authored by ale's avatar ale

Actually validate tickets in Python

parent 3dd9b40a
......@@ -2,7 +2,8 @@
from sso_c import sso_generate_keys as generate_keys
from sso_c import sso_ticket_new, sso_ticket_free, \
sso_ticket_sign, sso_ticket_open, sso_strerror
sso_ticket_sign, sso_ticket_open, sso_strerror, \
sso_validate
class Error(Exception):
......@@ -78,8 +79,11 @@ class Verifier(object):
self._domain = domain
self._ok_groups = ok_groups
def verify(self, encoded_tkt):
def verify(self, encoded_tkt, nonce=None):
r, tkt = sso_ticket_open(encoded_tkt, self._pk)
if r != 0:
raise Error(r)
r = sso_validate(tkt, self._service, self._domain, nonce, self._ok_groups)
if r != 0:
raise Error(r)
return Ticket(tkt)
......@@ -54,7 +54,7 @@ class KnownDataVerifierTest(unittest.TestCase):
self.verifier = sso.Verifier(self.public, 'service/', 'sso.net')
def test_sign_and_verify(self):
tkt = sso.Ticket('user', 'service/', 'domain')
tkt = sso.Ticket('user', 'service/', 'sso.net')
signed = self.signer.sign(tkt)
t2 = self.verifier.verify(signed)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment